From ad45482119b2018f188d2519cc3538ea68d39ec1 Mon Sep 17 00:00:00 2001
From: nextcloud-command <nextcloud-command@users.noreply.github.com>
Date: Sun, 19 Apr 2026 03:22:09 +0000
Subject: [PATCH] ci(actions): Update workflow templates from organization
 template repository

Signed-off-by: GitHub <noreply@github.com>
---
 .github/actions-lock.txt                       | 10 +++++-----
 .github/workflows/block-merge-eol.yml          |  2 +-
 .github/workflows/block-merge-freeze.yml       |  2 +-
 .github/workflows/command-compile.yml          |  2 +-
 .github/workflows/dependabot-approve-merge.yml |  2 +-
 .github/workflows/npm-audit-fix.yml            |  2 +-
 6 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/actions-lock.txt b/.github/actions-lock.txt
index 50abf071..118fbf4f 100644
--- a/.github/actions-lock.txt
+++ b/.github/actions-lock.txt
@@ -1,16 +1,16 @@
 # SPDX-FileCopyrightText: 2025 Nextcloud GmbH and Nextcloud contributors
 # SPDX-License-Identifier: MIT
-aca26015c25f88afeaf0a3e76c115b06 block-merge-eol.yml
-3db54dfe0671bf6c30556a5bb6487c22 block-merge-freeze.yml
-0c3e9b2e56e1b2590a005a80b55c3218 command-compile.yml
-cbffe424c47647a2e375f96f25b67af9 dependabot-approve-merge.yml
+9f2b534bea27e8ec2dda7c1d772a664b block-merge-eol.yml
+25fc4c7e69e778e20bdc9eb0cc96367e block-merge-freeze.yml
+169b5a5085493975bb375af516b288cc command-compile.yml
+7dd8d21d9dd013196cd4bdbf7c24db6f dependabot-approve-merge.yml
 2581a67c5bcdcd570427e6d51db767d7 fixup.yml
 54f293d9abe11ac0035a7bbb96a4e453 lint-eslint.yml
 ccd8a55c60e35b84becb0f7005ce1286 lint-php-cs.yml
 5dcc3187a9460cb62a455235cbdb3562 lint-php.yml
 cf229fbf443d2f7a303f22eb92745811 lint-stylelint.yml
 c965845a0def7b39d872e47e93dd1139 node.yml
-2d1e4038ee445a9fc1dcdb10c8036d34 npm-audit-fix.yml
+8d41f3688950b42dce423fb9fc1f785c npm-audit-fix.yml
 5846b994639ccab0059bf23e141d389a phpunit-mysql.yml
 ec7d1084fbb3a6803dbabf3acdd17ac8 phpunit-oci.yml
 29b359a5b76e7ff8cd85af34b3bf36e3 phpunit-pgsql.yml
diff --git a/.github/workflows/block-merge-eol.yml b/.github/workflows/block-merge-eol.yml
index 3ea4d268..ab049456 100644
--- a/.github/workflows/block-merge-eol.yml
+++ b/.github/workflows/block-merge-eol.yml
@@ -27,7 +27,7 @@ jobs:
 
     steps:
       - name: Set server major version environment
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
diff --git a/.github/workflows/block-merge-freeze.yml b/.github/workflows/block-merge-freeze.yml
index 61660808..3a9d5cc3 100644
--- a/.github/workflows/block-merge-freeze.yml
+++ b/.github/workflows/block-merge-freeze.yml
@@ -29,7 +29,7 @@ jobs:
 
     steps:
       - name: Register server reference to fallback to master branch
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
           script: |
diff --git a/.github/workflows/command-compile.yml b/.github/workflows/command-compile.yml
index d9b4a0b7..f236822d 100644
--- a/.github/workflows/command-compile.yml
+++ b/.github/workflows/command-compile.yml
@@ -30,7 +30,7 @@ jobs:
 
     steps:
       - name: Get repository from pull request comment
-        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
+        uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
         id: get-repository
         with:
           github-token: ${{secrets.GITHUB_TOKEN}}
diff --git a/.github/workflows/dependabot-approve-merge.yml b/.github/workflows/dependabot-approve-merge.yml
index f84397b8..71261f46 100644
--- a/.github/workflows/dependabot-approve-merge.yml
+++ b/.github/workflows/dependabot-approve-merge.yml
@@ -53,6 +53,6 @@ jobs:
       # Enable GitHub auto merge
       - name: Auto merge
         uses: alexwilson/enable-github-automerge-action@56e3117d1ae1540309dc8f7a9f2825bc3c5f06ff # v2.0.0
-        if: startsWith(steps.branchname.outputs.branch, 'dependabot/')
+        if: startsWith(steps.branchname.outputs.branch, 'dependabot/') && (github.event.pull_request.action == 'opened' || github.event.pull_request.action == 'reopened')
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/npm-audit-fix.yml b/.github/workflows/npm-audit-fix.yml
index 80747848..3e274392 100644
--- a/.github/workflows/npm-audit-fix.yml
+++ b/.github/workflows/npm-audit-fix.yml
@@ -69,7 +69,7 @@ jobs:
 
       - name: Create Pull Request
         if: steps.checkout.outcome == 'success'
-        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
+        uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
         with:
           token: ${{ secrets.COMMAND_BOT_PAT }} # zizmor: ignore[secrets-outside-env]
           commit-message: 'fix(deps): Fix npm audit'